VYPR
Medium severity6.2NVD Advisory· Published Jan 30, 2026· Updated Apr 15, 2026

CVE-2025-62349

CVE-2025-62349

Description

Salt contains an authentication protocol version downgrade weakness that can allow a malicious minion to bypass newer authentication/security features by using an older request payload format, enabling minion impersonation and circumventing protections introduced in response to prior issues.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
saltPyPI
>= 3006.12, < 3006.173006.17
saltPyPI
>= 3007.4, < 3007.93007.9

Affected products

193

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.